<html><head><meta http-equiv="Content-Type" content="text/html charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><br class=""><div><blockquote type="cite" class=""><div class="">On Jan 29, 2016, at 9:12 PM, Sean Silva <<a href="mailto:chisophugis@gmail.com" class="">chisophugis@gmail.com</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><br class="Apple-interchange-newline"><br style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class=""><div class="gmail_quote" style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;">On Fri, Jan 29, 2016 at 8:32 PM, Anna Zaks via cfe-dev<span class="Apple-converted-space"> </span><span dir="ltr" class=""><<a href="mailto:cfe-dev@lists.llvm.org" target="_blank" class="">cfe-dev@lists.llvm.org</a>></span><span class="Apple-converted-space"> </span>wrote:<br class=""><blockquote class="gmail_quote" style="margin: 0px 0px 0px 0.8ex; border-left-width: 1px; border-left-color: rgb(204, 204, 204); border-left-style: solid; padding-left: 1ex;"><div style="word-wrap: break-word;" class=""><br class=""><div class=""><span class=""><blockquote type="cite" class=""><div class="">On Jan 29, 2016, at 4:33 PM, Philip Reames <<a href="mailto:listmail@philipreames.com" target="_blank" class="">listmail@philipreames.com</a>> wrote:</div><br class=""><div class=""><br style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;" class=""><br style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;" class=""><span style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; float: none; display: inline !important;" class="">On 01/28/2016 05:53 AM, Aaron Ballman via cfe-dev wrote:</span><br style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;" class=""><blockquote type="cite" style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;" class="">On Thu, Jan 28, 2016 at 2:31 AM, Anna Zaks <<a href="mailto:ganna@apple.com" target="_blank" class="">ganna@apple.com</a>> wrote:<br class=""><snip..><br class=""><blockquote type="cite" class="">This is by design. Many more people have compiler as part of their daily<br class="">flow so it’s best to have such errors being reported by the compiler.<br class="">Having the analyzer produce all of the compiler warnings is likely to be too<br class="">nosy for the users.<br class=""></blockquote>Personally, I find that design to lead to a confusing user experience.<br class="">When I run the analyzer, my mental model is that I am running the<br class="">compiler plus some additional analyses. When I don't get compiler<br class="">warnings that I would otherwise get, it feels like I (as the user)<br class="">have configured things improperly and done something wrong. Put<br class="">another way: the point to running a static analyzer is to find out<br class="">what's wrong with some code, so it's surprising that we would disable<br class="">some of those notices of what's wrong that would otherwise be enabled<br class="">by default.<br class=""><br class="">Perhaps my mental model is in the minority, but it's another anecdote<br class="">to remember if this design is ever reconsidered again.<br class=""></blockquote><span style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; float: none; display: inline !important;" class="">I'd also find the current design slightly confusing. I generally don't expect to see *fewer* warnings when I tell the compiler to work harder unless the original warning really was a false positive.</span><br style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;" class=""></div></blockquote><div class=""><br class=""></div></span><div class="">By calling "$clang —analyze” you are not calling the compiler and asking it to work harder. You are calling another tool that is not going to compile for you but rather provide deep static code analysis. Calling "clang —analyze" could call the compiler behind the scenes and report the compiler warnings in addition to the static analyzer issues. However, when warnings from both tools are merged in a straightforward way on command line, the user experience could be confusing. For example, both tools report some issues such as warning on code like this:</div><div class=""> <span class="Apple-converted-space"> </span>int j = 5/0; // warning: Division by zero</div><div class=""> // warning: division by zero is undefined [-Wdivision-by-zero]</div><div class=""><br class=""></div><div class="">Most importantly, end users should never invoke the analyzer by calling “clang —analyze” since “clang —analyze” is an implementation detail of the static analyzer. The only documented<span class="Apple-converted-space"> </span><i class="">user facing</i> clang static analysis tool is scan-build (see<span class="Apple-converted-space"> </span><a href="http://clang-analyzer.llvm.org/" target="_blank" class="">http://clang-analyzer.llvm.org</a>).</div></div></div></blockquote></div></div></blockquote><blockquote type="cite" class=""><div class=""><div class="gmail_quote" style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;"><div class=""><br class=""></div><div class="">--analyze is in `clang -help`.</div></div></div></blockquote><br class="">I guess, I should have said “advertised and recommended”, not “documented”. A lot of low-level options are documented in 'clang -help'.</div><div><br class=""><blockquote type="cite" class=""><div class=""><div class="gmail_quote" style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;"><div class="">Also, clang-check advertises a `-analyze` option which was clearly intentionally added.</div></div></div></blockquote><div><br class=""></div><div>Is it advertised in places other than help? Again, I do not think we can provide a good user experience for consuming the analyzer results without showing the paths, which 'clang-check' does not do.</div><br class=""><blockquote type="cite" class=""><div class=""><div class="gmail_quote" style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;"><div class=""> So it seems spurious to say that the only user-facing way to invoke the analyzer is scan-build.</div><div class=""><br class=""></div><div class="">In fact, anecdotally I seem to remember --analyze as being considered a user-facing option. I'm pretty sure that if I go digging back through old devmtg slides or whatnot I'll find a presentation recommending its use.</div></div></div></blockquote><div><br class=""></div>Our team has always been careful about not recommending end users to run 'clang —analyze' directly, mainly, because their workflow would stop working if the analyzer ever adds whole program analysis. (Of cause LLVM community knows about the clang option but they are not average end users.)</div><div><br class=""><blockquote type="cite" class=""><div class=""><div class="gmail_quote" style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;"><div class=""><br class=""></div><div class="">-- Sean Silva</div><div class=""> </div><blockquote class="gmail_quote" style="margin: 0px 0px 0px 0.8ex; border-left-width: 1px; border-left-color: rgb(204, 204, 204); border-left-style: solid; padding-left: 1ex;"><div style="word-wrap: break-word;" class=""><div class=""><div class="">Here are some reasons for that. For one, it is almost impossible to understand why the static analyzer warns without examining the error paths. Second, the analyzer could be extended to perform whole project analysis in the future and "clang —analyze" works with a single TU at a time.</div><div class=""><br class=""></div><div class="">I agree that the best user experience is to report all warnings in one place, while still differentiating which warning was reported by which tool. It would be awesome if the results from all bug finding tools such as the clang static analyzer, the compiler, and clang-tidy would be reported through the same interface.</div><div class=""><br class=""></div><div class="">The CodeChecker team is working on a solution for that and I hope we can incorporate their technology in LLVM/clang.</div><div class=""><br class=""></div><blockquote type="cite" class=""><div class=""><br style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;" class=""><span style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; float: none; display: inline !important;" class="">Philip</span></div></blockquote></div><br class=""></div><br class="">_______________________________________________<br class="">cfe-dev mailing list<br class=""><a href="mailto:cfe-dev@lists.llvm.org" class="">cfe-dev@lists.llvm.org</a><br class=""><a href="http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-dev" rel="noreferrer" target="_blank" class="">http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-dev</a></blockquote></div></div></blockquote></div><br class=""></body></html>